|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: Spam Deferred Trick
From: Big Brother (admin
clouddancer.com)Date: Tue Oct 10 2000 - 20:40:09 CDT
- Next message: Ralf Hildebrandt: "Re: Spam Deferred Trick"
- Previous message: Zhong Chen: "debug smtp"
- Next in thread: Ralf Hildebrandt: "Re: Spam Deferred Trick"
- Reply: Ralf Hildebrandt: "Re: Spam Deferred Trick"
- Reply: Brad Knowles: "Re: Spam Deferred Trick"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
While watching a filtered stream of the postfix logfile on a busy
server, I've noticed some interesting behavior. My mailing list
archive didn't provide an answer, so:
What I see is an incoming message for an non-existant user. Postfix
generates a bounce message to the sending host. That sending host
terminates the connection for the bounce message (spam software most
likely), postfix kicks it into the deferred queue to try, try again.
Wonderful, I'm saddled with 5 days worth of useless trying to send for
each message the above trick is played upon.
It seems that I could recognize this behavior with a time window
(time of deferred) - (time of bounce) < setable limit --> /dev/null
or turn off bounce messages, or make them single attempt only.
Is any of this possible? It's a stock setup of postfix, maybe I just
need some tweaks here and there...
The other minor note is an external host .forward to a local
non-existant user, the bounce message just goes into a mail loop. I
didn't find a message thread on adding a header field to detect this
(as in procmail).
r
- Next message: Ralf Hildebrandt: "Re: Spam Deferred Trick"
- Previous message: Zhong Chen: "debug smtp"
- Next in thread: Ralf Hildebrandt: "Re: Spam Deferred Trick"
- Reply: Ralf Hildebrandt: "Re: Spam Deferred Trick"
- Reply: Brad Knowles: "Re: Spam Deferred Trick"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]